China steps up defense on hacking allegations

BEIJING -- Chinese state media stepped up the war of words Thursday over allegations of sophisticated cyberattacks on U.S. firms, branding the accusations a “commercial stunt” and accusing Washington of ulterior motives.

American Internet security firm Mandiant earlier this week said that a Chinese military cyberspy unit had been targeting U.S. and other foreign firms and organizations with hacking attacks.

But an editorial in the state-run China Daily said: “One cannot help but ask the real purpose of such a hullabaloo.

“With the U.S. economic recovery dragging its feet, it is reasonable to think that some in Washington may want to make China a scapegoat so that public attention is diverted away from the country's economic woes.”

Defence ministry spokesman Geng Yansheng said the People's Liberation Army had itself been the target of a “significant number” of cyberattacks.

“A considerable number” of them originated in the United States, judging from the IP addresses involved, he said, but added that he did not accuse the U.S. government of being involved. He had earlier said Mandiant's claims had “no factual basis.”

The media backlash came after the U.S. government Wednesday vowed to aggressively combat a rise in the foreign theft of trade secrets.

A new strategy document released by the White House did not explicitly name China, but warned that foreign governments and firms had stepped up efforts to obtain such material, threatening U.S. economic and national security.

In its report, Mandiant alleged the hacking group “APT1” — from the initials “Advanced Persistent Threat” — was part of the Chinese military's Unit 61398 and had stolen hundreds of terabytes of data from at least 141 organizations across 20 industries.

Targeted companies included some involved with significant sections of the American domestic infrastructure.

Western analysts dismissed the Chinese denials as “meaningless.”

A strongly worded commentary by the official news agency Xinhua said the Mandiant document “reeks of a commercial stunt.”

“Next time, the CEO could simply say: 'See the Chinese hackers? Hurry up, come and buy our cybersecurity services,'” it went on.

It said the U.S. had a “matchless superiority and ability to stage cyberattacks across the globe,” and that the U.S. military had “established a significant cyberforce, including the 780th Military Intelligence Brigade, which is a regular military unit tasked with carrying out cybermissions.”

Washington, it added, had a “habit of accusing other nations based on phony evidence.”

“Facts will eventually prove that the cyberattacks accusations are groundless and will only tarnish the image and reputation of the company making them, as well as that of the United States,” it said.

An expert quoted in China's state-run Global Times newspaper questioned U.S. motives, saying Washington was exaggerating the cyberthreat posed by China in order to garner support from other Asian countries.

“The U.S. is raising the profile of the 'invisible' cyberthreat as a new weapon in order to balance its losses in the Asia-Pacific pivot strategy,” said Hun Xudong, a professor with the PLA National Defense University.

“The U.S. controls the world's main servers. This has been a threat to China's cybersecurity,” he added.

Western academics said they were unsurprised at the rhetoric used by Chinese officials in denying the hacking allegations.

James Lewis, a senior fellow at the Center for Strategic and International Studies in Washington, said: “It's a standard Chinese diplomatic ploy to say 'it isn't us, and in any case, you do it, too.'